Summer Regulatory Summit eBook

Internal Use Only

Current Threat Environment

Ransomware remains the most visible , active, and dangerous threat The threat of cyberattacks is enhanced by current geopolitical climate

• According to Chainalysis, 2023 was a record year for ransoms paid • Ransoms paid totaled approximately $1.1 billion • Despite law enforcement successes, there are no current indications that ransomware threats are waning

• State-sponsored and politically motivated attacks against the US and Western allies • Conflicts between Russia and Ukraine, Israel and Hamas, and tensions with China over the disposition of Taiwan • Financially-motivated attacks from other groups are also occurring

Internal Use Only

Current Threat Environment • Ransomware groups are adopting new tactics

• Threat groups are often aggressive, sometimes "toying with" law enforcement • "Traditional" encryption-only attacks continue • Double extortion and triple extortion tactics have emerged • Exfiltration-only attacks are also prevalent • Attackers are also leveraging simultaneous DDoS attacks and other tactics • Other forms of cyberattacks continue to present a threat • Disruptive DDoS attacks continue and remain popular among hacktivist groups